On Monday 06 April 2009 17:04:02 Jan Zerebecki wrote:
> I read a bit about OpenID security issues and from that it seems
> that OpenID is more secure than what we currently use if the
> Relying Party ( the website that wants to authenticate a user,
> i.e. winehq.org ) and the OpenID Provider get their
> implementation right (i.e. I have not found any security bug in
> the spec itself). The downside is that there is one more party
> that can be compromised, the upside is that this party is usually
> the hardest to compromise and that it ensures that some attacks
> don't work on the other two parties (that previously worked).
> I may be wrong, so please correct me.
I see the attack scenario where someone has stolen an OpenID user's identity and is
now using that to do bad things on the Wine sites.
Also, the flaw I see in the OpenID spec is that they're not requiring the use
of SSL, but you decided to not allow the MITM attack against the DH exchange
as an argument. So all I can say is that while all the points I could raise
are invalidated by your exclusion, I don't like the OpenID design and don't
want to support it. There are good password-safe programs available for people
who don't want to remember their logins for multiple sites. That should be
good enough.
Kai
--
Kai Blin
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
--
Will code for cotton.
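The point Kai raises above, that an association set up over plain HTTP leaves the Diffie-Hellman exchange open to an active man in the middle, can be shown in a few lines. The following is an added example written for this page; it is not code from the mailing-list post, from Wine, or from any OpenID library. It models the DH-SHA256 association (OP picks a MAC key and XORs it with H(btwoc(g^xy))) and the HMAC over the key-value form of the signed fields, but with a constructed toy DH group instead of the spec's 1024-bit default, a minimal list of signed fields, and made-up URLs and nonce.

```python
import hashlib
import hmac
import secrets

# Constructed toy Diffie-Hellman group so the example runs instantly.
# OpenID 2.0 uses a 1024-bit MODP prime with generator 2 by default;
# the shape of the exchange is the same.
P = 2**64 - 59
G = 2

# Assumed minimal list of fields a positive assertion signs (OpenID 2.0 signs more).
SIGNED_FIELDS = ["op_endpoint", "return_to", "claimed_id", "identity", "response_nonce"]


def btwoc(n):
    """Big-endian two's-complement encoding of a non-negative integer (OpenID's btwoc)."""
    return n.to_bytes((n.bit_length() + 8) // 8, "big")


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def dh_keypair():
    """Fresh private exponent and public value g^x mod p."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def op_associate(consumer_public):
    """Whoever answers the association request: choose a MAC key and hide it
    under SHA-256(btwoc(shared secret)), as in the DH-SHA256 session type.
    Returns (server_public, enc_mac_key, mac_key)."""
    y, server_public = dh_keypair()
    shared = pow(consumer_public, y, P)
    mac_key = secrets.token_bytes(32)
    enc_mac_key = xor_bytes(hashlib.sha256(btwoc(shared)).digest(), mac_key)
    return server_public, enc_mac_key, mac_key


def rp_unwrap_mac_key(x, server_public, enc_mac_key):
    """RP side: recover the MAC key from the association response."""
    shared = pow(server_public, x, P)
    return xor_bytes(hashlib.sha256(btwoc(shared)).digest(), enc_mac_key)


def kv_form(fields, signed):
    """Key-value form of the signed fields, in the listed order."""
    return "".join(f"{k}:{fields[k]}\n" for k in signed).encode()


def sign_assertion(mac_key, fields, signed):
    return hmac.new(mac_key, kv_form(fields, signed), hashlib.sha256).digest()


def rp_verify_assertion(mac_key, fields, signed, sig):
    return hmac.compare_digest(sign_assertion(mac_key, fields, signed), sig)


def honest_association():
    """No attacker: RP and OP end up holding the same MAC key."""
    x, consumer_public = dh_keypair()
    server_public, enc, op_mac = op_associate(consumer_public)
    return rp_unwrap_mac_key(x, server_public, enc) == op_mac


def mitm_association():
    """Active attacker on the plain-HTTP path between RP and OP.

    Nothing in the association request authenticates who answers it, so
    Mallory discards the OP's reply and answers with her own DH value and
    her own MAC key. The RP accepts it, and Mallory can then sign a positive
    assertion for any claimed identity. Returns True if the RP verifies the
    forged assertion."""
    x, consumer_public = dh_keypair()                              # RP -> OP, intercepted
    mallory_public, enc, mallory_mac = op_associate(consumer_public)  # Mallory answers as the OP
    rp_mac = rp_unwrap_mac_key(x, mallory_public, enc)

    # Constructed assertion for a user who never logged in anywhere.
    forged = {
        "op_endpoint": "http://op.example/endpoint",
        "return_to": "http://rp.example/openid/return",
        "claimed_id": "http://victim.example/",
        "identity": "http://victim.example/",
        "response_nonce": "2009-04-07T10:00:00Zabc123",
    }
    sig = sign_assertion(mallory_mac, forged, SIGNED_FIELDS)
    return rp_verify_assertion(rp_mac, forged, SIGNED_FIELDS, sig)


if __name__ == "__main__":
    print("honest association agrees on MAC key:", honest_association())
    print("forged assertion accepted after MITM:", mitm_association())
```

The attack needs only a network position between the RP and the OP; the DH exchange hides the MAC key from a passive eavesdropper but does nothing to tell the RP whom it is talking to. Fetching the OP endpoint and running the association over TLS with the OP's certificate checked is what denies Mallory that position, which is the requirement the message above notes the spec does not impose.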